The case puts the spotlight on a major problem where India is concerned: That we don’t have any data privacy or protection laws unlike many other parts of the world. While the government has said it will look at data privacy regulations, what is worrying is that there is no timeline on when we can expect such a legislation. More Indian citizens will be coming online, and right now there is no legislation to ensure service providers like Google, Facebook can’t create unfair terms when it comes to user data, privacy online.
If you look at the potential of the Indian market, then it becomes even more apparent that we need a law around user data privacy. India has around 432 million internet users, this will stand at around 700 million by 2020, according to some predictions. Given China remains a no go for most companies, India is a major market for Facebook, Google, Apple, Microsoft, or any other big technology firm.
Currently companies can freely share user data with third-parties services, their advertisers because there is no law specifically stopping any of this in India. In WhatsApp’s case, this data sharing is being done to improve the ad experience on Facebook and its suite of products.
For WhatsApp users, who are not on Facebook, this becomes unfair, unless they had opted out before hand. To be clear, WhatsApp won’t be sharing your messages per se; the app is end-to-end encrypted, which ensures this is not possible. But it will share some metadata, like user name, device info, login time, etc. Now that’s something users didn’t sign up for when they started using WhatsApp.
Digital services like Google, Facebook, are driven by ad-based models, and for these companies user data is doubly precious. Search history, online purchases, browsing habits, articles shared, and a lot more can be used to build a consumer’s identity, and target them with just the right ads.
So what happens to the user who doesn’t want to his/her online privacy invaded? When they don’t want to be profiled? Can you as a user question how the company treats the data you have created? Currently, there’s nothing you can do about this.
Finally, this nonchalance towards the problem of user data privacy becomes even more grave, when one considers Aadhaar data. With the card being made mandatory for pretty much everything from welfare services to even mobile phone connections (DoT has recommended this), there is growing concern on how this data, which includes biometrics will be kept secure.
In fact, reports have shown how Aadhaar data of citizens, including cricket star Mahendra Singh Dhoni’s, was easily available online. When there is no law for data privacy, what happens when your Aadhaar data is leaked online? Can you even decide who should have access to your Aadhaar data? For now, there is no legal recourse. Whether the Supreme Court case will lead to some change on that remains to be seen.